Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need a check [Solved]

Started by Samballen , Apr 28 2013 06:09 AM

  • This topic is locked This topic is locked

#31
Essexboy
Posted 01 May 2013 - 08:37 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
On completion of this can you let me know how the computer is behaving

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Files
C:\Program Files\KMSpico

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

Advertisements

#32
Samballen
Posted 01 May 2013 - 09:10 AM

Samballen

    Member

  • Topic Starter
  • Banned
  • PipPip
  • 76 posts
All processes killed
========== FILES ==========
C:\Program Files\KMSpico\TokensBackup\cache folder moved successfully.
C:\Program Files\KMSpico\TokensBackup folder moved successfully.
C:\Program Files\KMSpico folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Bilir Ailesi

User: Cobi

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mark de Jager
->Temp folder emptied: 59532497 bytes
->Temporary Internet Files folder emptied: 3951735 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 123641297 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 58623 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 51686 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 78565364 bytes

Total Files Cleaned = 254,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 05012013_164941

Files\Folders moved on Reboot...
File\Folder C:\Users\Mark de Jager\AppData\Local\Temp\JET61AE.tmp not found!
C:\Users\Mark de Jager\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Mark de Jager\AppData\Local\Mozilla\Firefox\Profiles\8a8rp9hz.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Mark de Jager\AppData\Local\Mozilla\Firefox\Profiles\8a8rp9hz.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Mark de Jager\AppData\Local\Mozilla\Firefox\Profiles\8a8rp9hz.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Mark de Jager\AppData\Local\Mozilla\Firefox\Profiles\8a8rp9hz.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Mark de Jager\AppData\Local\Mozilla\Firefox\Profiles\8a8rp9hz.default\_CACHE_CLEAN_ moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\vmware-SYSTEM\vmauthd.log scheduled to be moved on reboot.
C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-2084.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL logfile created on: 1-5-2013 16:58:40 - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mark de Jager\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

11,86 Gb Total Physical Memory | 9,63 Gb Available Physical Memory | 81,25% Memory free
13,54 Gb Paging File | 11,22 Gb Available in Paging File | 82,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,42 Gb Total Space | 307,38 Gb Free Space | 68,24% Space Free | Partition Type: NTFS
Drive D: | 350,00 Mb Total Space | 309,34 Mb Free Space | 88,38% Space Free | Partition Type: NTFS

Computer Name: MARK-PC | User Name: Mark de Jager | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-05-01 10:20:20 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013-04-28 13:46:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark de Jager\Desktop\OTL.exe
PRC - [2013-04-27 19:43:48 | 000,256,600 | ---- | M] (Microsoft Corporation) -- C:\Users\Mark de Jager\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013-03-12 15:01:38 | 000,559,168 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe
PRC - [2013-03-07 21:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\Mark de Jager\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
PRC - [2013-03-07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-03-07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-03-06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013-02-15 16:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013-02-02 10:40:58 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2013-01-15 18:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012-12-25 17:35:10 | 004,474,832 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012-12-16 15:37:47 | 000,125,952 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
PRC - [2012-12-11 11:22:38 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-11-01 03:35:20 | 000,357,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2012-11-01 03:34:52 | 000,435,864 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2012-11-01 02:57:50 | 013,234,176 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
PRC - [2012-11-01 01:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2012-09-20 07:55:29 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2012-09-06 02:46:12 | 000,912,896 | ---- | M] (KARPOLAN) -- C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
PRC - [2012-03-08 07:05:06 | 000,432,952 | ---- | M] (QFX Software Corporation) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
PRC - [2012-01-09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- C:\xampp\mysql\bin\mysqld.exe


========== Modules (No Company Name) ==========

MOD - [2013-05-01 10:20:19 | 003,115,928 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-03-07 21:32:40 | 021,014,960 | ---- | M] () -- C:\Users\Mark de Jager\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
MOD - [2013-03-07 21:32:38 | 000,292,272 | ---- | M] () -- C:\Users\Mark de Jager\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
MOD - [2013-03-07 21:32:38 | 000,179,632 | ---- | M] () -- C:\Users\Mark de Jager\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
MOD - [2013-02-15 18:20:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30fabfc2d4fe632ecf463a0901bba2d3\System.Windows.Forms.ni.dll
MOD - [2013-02-05 12:06:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\253546cd467b0fd7e57623921595182d\System.Configuration.ni.dll
MOD - [2013-02-05 12:01:46 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d981792ebf85627e57c7d95594aa7092\System.Xml.ni.dll
MOD - [2013-02-05 12:01:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\97e24281000ae702b067281f3a01878a\System.Drawing.ni.dll
MOD - [2013-02-05 12:01:37 | 006,656,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\68ec2130ceb6a257762c70bc87ed0129\System.Data.ni.dll
MOD - [2013-02-05 12:01:11 | 007,989,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\0b80769ba127fce3221c1fd47e87c4a7\System.ni.dll
MOD - [2013-02-05 12:01:01 | 011,494,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll
MOD - [2012-09-14 00:03:56 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012-07-06 04:01:13 | 002,972,672 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013-03-07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-03-02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-03-02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-02-02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-01-29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-01-10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013-01-10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012-11-27 15:56:28 | 000,118,272 | ---- | M] (DeadPihto) [Auto | Running] -- C:\Windows\SysNative\wsservice_crk.dll -- (WSServiceCrk)
SRV:64bit: - [2012-11-06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012-11-06 06:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012-09-20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012-09-20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012-09-20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012-09-16 10:25:58 | 000,662,104 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService)
SRV:64bit: - [2012-09-11 23:14:40 | 000,390,672 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2012-07-26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012-07-26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012-07-26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012-07-26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012-07-26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012-07-26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012-07-26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012-07-26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012-07-26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012-07-26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012-07-26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012-07-26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012-07-26 05:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013-05-01 10:20:20 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-04-19 16:00:08 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013-03-12 15:01:38 | 000,559,168 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe -- (ogmservice)
SRV - [2013-03-06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013-02-26 15:42:53 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2013-02-15 16:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013-02-15 16:27:52 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013-02-15 14:08:20 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-01-15 18:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012-12-16 15:37:47 | 000,125,952 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService)
SRV - [2012-12-14 03:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-12-11 11:22:38 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-11-06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012-11-01 03:35:20 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012-11-01 03:34:52 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2012-11-01 02:57:50 | 013,234,176 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2012-11-01 01:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2012-10-11 18:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012-07-26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012-01-09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- C:\xampp\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\xampp\apache\bin\httpd.exe -- (Apache2.2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013-03-31 14:18:59 | 000,261,352 | ---- | M] (SHADOWDEFENDER.COM) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\diskpt.sys -- (diskpt)
DRV:64bit: - [2013-03-07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-03-07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-03-07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-03-07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-03-07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-03-07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-03-07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-03-07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-03-05 15:10:52 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2013-03-02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013-03-02 12:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013-03-02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-03-02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-03-02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013-03-02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-02-05 19:34:43 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2013-02-05 19:34:37 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2013-02-05 19:34:37 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2013-02-02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013-02-02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-01-29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-01-29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-01-27 15:35:46 | 000,127,384 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2013-01-10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012-12-21 14:53:58 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2012-12-21 14:53:58 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2012-12-19 15:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012-12-14 03:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-12-11 11:22:46 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012-11-27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012-11-20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012-11-06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012-11-01 03:34:54 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2012-11-01 03:34:32 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2012-11-01 03:34:10 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2012-11-01 03:34:08 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2012-11-01 03:34:04 | 000,032,920 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2012-10-24 15:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012-10-24 15:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012-10-12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-10-11 18:15:32 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012-10-11 18:15:06 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2012-10-11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012-10-11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012-09-20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012-09-20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012-09-20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012-09-20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012-07-26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-07-26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012-07-26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012-07-26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012-07-26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012-07-26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012-07-26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012-07-26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012-07-26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012-07-26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012-07-26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012-07-26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012-07-26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012-07-26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012-07-26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012-07-26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-07-26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-07-26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012-07-26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012-07-26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012-07-26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012-07-26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012-07-26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012-07-26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012-07-26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012-07-26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012-07-26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012-07-26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012-07-26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012-07-26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012-07-26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012-07-26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012-07-26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012-07-26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012-07-26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-07-26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012-07-26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012-07-26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-07-26 04:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012-07-26 04:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012-07-26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012-07-26 04:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012-07-26 04:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012-07-26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012-07-26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012-07-26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012-06-02 16:31:37 | 000,425,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012-06-02 16:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
DRV:64bit: - [2011-12-26 16:27:24 | 000,015,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)
DRV:64bit: - [2011-12-15 02:46:42 | 000,222,904 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\keyscrambler.sys -- (KeyScrambler)
DRV:64bit: - [2011-06-15 22:10:58 | 000,015,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ddmdrv.sys -- (ddmdrv)
DRV:64bit: - [2010-10-20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV - [2013-02-15 16:28:06 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2012-12-21 14:54:00 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2012-12-21 14:53:58 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2012-07-05 13:53:22 | 000,021,904 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2012-07-05 13:53:18 | 000,033,224 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2012-01-05 18:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2011-12-26 16:27:22 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)
DRV - [2011-06-15 22:09:42 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ddmdrv.sys -- (ddmdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.nl.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 41 45 52 3E 02 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.google.nl/"
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: %7B563e4790-7e70-11da-a72b-0800200c9a66%7D:0.9f
FF - prefs.js..extensions.enabledAddons: %7Ba5312b79-bf0d-4825-a25f-b33d67d4a58a%7D:13.15.63
FF - prefs.js..extensions.enabledAddons: rssicon%40jasnapaka.com:1.4
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B59c81df5-4b7a-477b-912d-4e0fdf64e5f2%7D:0.9.90
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: coralietab%40mozdev.org:2.04.20110724
FF - prefs.js..extensions.enabledAddons: %7Bac2cfa60-bc96-11e0-962b-0800200c9a66%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Mark de Jager\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mark de Jager\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-28 17:31:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-04-06 13:04:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-04-27 18:03:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\CaptureSaver\Firefox [2013-03-19 10:57:39 | 000,000,000 | ---D | M]

[2013-02-03 20:47:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\Extensions
[2013-04-27 18:56:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\Firefox\Profiles\8a8rp9hz.default\extensions
[2013-03-01 16:23:09 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\Firefox\Profiles\8a8rp9hz.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2013-04-20 17:27:22 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\Firefox\Profiles\8a8rp9hz.default\extensions\[email protected]
[2013-04-22 09:51:21 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\Firefox\Profiles\8a8rp9hz.default\extensions\[email protected]
[2013-03-06 14:25:15 | 000,207,249 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\[email protected]
[2013-02-06 21:15:48 | 000,015,618 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\[email protected]
[2013-02-08 21:59:50 | 000,615,655 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\[email protected]
[2013-02-05 11:34:49 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2013-02-06 18:51:54 | 000,010,707 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}.xpi
[2013-02-06 21:01:15 | 000,045,996 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\{a5312b79-bf0d-4825-a25f-b33d67d4a58a}.xpi
[2013-04-27 18:56:04 | 000,052,139 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi
[2013-02-14 11:09:20 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Mark de Jager\AppData\Roaming\mozilla\firefox\profiles\8a8rp9hz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-04-05 19:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-04-05 19:06:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-05-01 10:20:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\distribution\extensions
[2013-01-11 03:06:08 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Mark de Jager\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Documenten = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Documenten = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Zoeken = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Mark de Jager\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013-05-01 16:49:42 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (CaptureSaver) - {5148AB7D-8868-4490-B6DA-F98368488582} - C:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Shadow Defender Daemon] C:\Program Files\Shadow Defender\DefenderDaemon.exe (SHADOWDEFENDER.COM)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [MessengerPlusForSkypeService] C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
O4 - HKLM..\Run: [Photobucket Backup] C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe (Photobucket)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [KeyboardLeds.exe] C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe (KARPOLAN)
O4 - HKCU..\Run: [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow File not found
O4 - HKCU..\Run: [SkyDrive] C:\Users\Mark de Jager\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Mark de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Mark de Jager\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O8:64bit: - Extra context menu item: Add to CaptureSaver - C:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8:64bit: - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O8 - Extra context menu item: Add to CaptureSaver - C:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8 - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O9:64bit: - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - C:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O9 - Extra 'Tools' menuitem : CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mediapluspro.com ([www] https in Vertrouwde websites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{404E2125-F77B-4A20-89E5-7CE2767B2BAF}: DhcpNameServer = 192.168.2.254
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{72e93269-6e2f-11e2-be65-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{72e93269-6e2f-11e2-be65-806e6f6e6963}\Shell\AutoRun\command - "" = "E:\setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-05-01 16:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Defender
[2013-05-01 16:13:38 | 000,261,352 | ---- | C] (SHADOWDEFENDER.COM) -- C:\Windows\SysNative\drivers\diskpt.sys
[2013-05-01 16:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\Shadow Defender
[2013-05-01 15:44:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-05-01 10:04:16 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Documents\Aangepaste Office-sjablonen
[2013-04-28 17:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-04-28 17:33:14 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013-04-28 17:33:14 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013-04-28 17:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013-04-28 17:33:08 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013-04-28 17:33:08 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013-04-28 17:32:11 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013-04-28 17:32:10 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013-04-28 17:30:17 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-04-28 17:16:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-04-28 17:12:12 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013-04-28 16:01:39 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013-04-28 16:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013-04-28 15:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013-04-28 15:40:23 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Documents\Leawo
[2013-04-28 15:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Leawo
[2013-04-28 15:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2013-04-28 15:38:23 | 000,606,208 | ---- | C] (http://www.xvid.org) -- C:\Windows\SysWow64\xvidcore.dll
[2013-04-28 15:38:23 | 000,438,272 | ---- | C] (Gabest) -- C:\Windows\SysWow64\Mpeg2DecFilter.ax
[2013-04-28 15:38:23 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\SysWow64\xvid.ax
[2013-04-28 15:38:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Leawo
[2013-04-28 14:31:27 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Local\liQeNSoft
[2013-04-28 14:05:40 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Local\TeknoGods
[2013-04-28 13:46:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mark de Jager\Desktop\OTL.exe
[2013-04-28 13:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MW3
[2013-04-28 13:14:46 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MW3
[2013-04-28 13:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\MW3
[2013-04-27 20:39:35 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\RealPopup
[2013-04-27 20:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealPopup
[2013-04-27 20:23:56 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Desktop\Computerspeeltuin.{ED7BA470-8E54-465E-825C-99712043E01C}
[2013-04-27 20:14:21 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\HTML Executable
[2013-04-27 19:44:46 | 000,000,000 | R--D | C] -- C:\Users\Mark de Jager\Desktop\SkyDrive
[2013-04-27 19:43:54 | 000,000,000 | R--D | C] -- C:\Users\Mark de Jager\SkyDrive
[2013-04-27 19:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013-04-27 19:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013-04-27 17:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSR Soft
[2013-04-27 17:28:04 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Documents\TSR Software
[2013-04-27 17:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TSR Soft
[2013-04-27 16:04:58 | 000,000,000 | ---D | C] -- C:\gql
[2013-04-27 16:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deluge
[2013-04-27 15:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013-04-27 15:22:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013-04-27 15:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013-04-27 15:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013-04-27 15:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2013-04-26 18:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2013-04-26 18:35:58 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2013-04-23 08:39:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013-04-20 18:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2013-04-20 18:17:16 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Documents\Anti-Malware
[2013-04-20 17:29:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013-04-19 20:38:06 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Documents\Navicat
[2013-04-19 17:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013-04-19 17:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6
[2013-04-19 17:42:51 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\IObit
[2013-04-19 17:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013-04-17 11:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft
[2013-04-17 11:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PremiumSoft
[2013-04-16 08:58:23 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\Enplase
[2013-04-16 08:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima Steganography
[2013-04-16 08:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ultima Steganography
[2013-04-15 19:28:20 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Desktop\Keygens en activators
[2013-04-15 19:28:02 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Desktop\Host Hotel
[2013-04-14 10:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-04-14 10:40:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-04-14 09:51:03 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\QFX Software
[2013-04-14 09:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2013-04-14 09:51:01 | 000,222,904 | ---- | C] (QFX Software Corporation) -- C:\Windows\SysNative\drivers\keyscrambler.sys
[2013-04-14 09:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013-04-14 09:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler
[2013-04-13 21:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uTorrent Turbo Booster
[2013-04-13 21:47:25 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\uTorrent Turbo Booster
[2013-04-13 21:47:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent Turbo Booster
[2013-04-13 21:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\WNR
[2013-04-13 21:20:38 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\WNR
[2013-04-13 21:20:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Proxy Switcher Standard
[2013-04-13 19:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013-04-13 19:38:35 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\GoforFiles
[2013-04-13 19:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GoforFiles
[2013-04-13 19:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013-04-12 19:58:00 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2013-04-11 16:12:10 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\PicaJet.Com
[2013-04-11 16:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicaJet.Com
[2013-04-11 16:12:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PicaJet.Com
[2013-04-08 10:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Logo Remover
[2013-04-08 10:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Logo Remover
[2013-04-06 13:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013-04-06 13:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013-04-04 08:30:09 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\Apple Computer
[2013-04-03 14:57:21 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Documents\CyberLink
[2013-04-03 14:56:52 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\CyberLink
[2013-04-03 14:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013-04-03 14:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2013-04-03 14:53:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2013-04-03 14:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2013-04-03 14:52:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013-04-03 14:51:53 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Local\Apple
[2013-04-03 14:51:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013-04-03 14:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013-04-03 14:51:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 11
[2013-04-03 14:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2013-04-03 14:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2013-04-03 14:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013-04-03 14:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2013-04-03 13:25:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2013-04-03 13:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2013-04-03 13:25:47 | 000,034,304 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\SysNative\DfSdkBt.exe
[2013-04-03 13:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2013-04-02 19:00:09 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2013-04-02 19:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2013-04-02 10:09:49 | 000,000,000 | ---D | C] -- C:\Users\Mark de Jager\Desktop\Opdrachten Nederlands, Dennis

========== Files - Modified Within 30 Days ==========

[2013-05-01 17:01:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-05-01 16:57:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-01 16:55:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-05-01 16:53:11 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013-05-01 16:52:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013-05-01 16:49:42 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-05-01 16:46:00 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-01 16:17:34 | 000,000,000 | ---- | M] () -- C:\Windows\diskpt.dat
[2013-05-01 16:13:42 | 000,001,042 | ---- | M] () -- C:\Users\Mark de Jager\Application Data\Microsoft\Internet Explorer\Quick Launch\Shadow Defender.lnk
[2013-05-01 16:13:42 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\Shadow Defender.lnk
[2013-05-01 16:13:42 | 000,000,064 | ---- | M] () -- C:\Windows\diskpt.crt
[2013-05-01 14:12:01 | 000,000,976 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2189671484-2947882400-2928688451-1001UA.job
[2013-05-01 11:09:36 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2013-05-01 11:09:36 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013-04-30 20:12:03 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2189671484-2947882400-2928688451-1001Core.job
[2013-04-28 18:32:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-04-28 13:46:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark de Jager\Desktop\OTL.exe
[2013-04-28 13:06:26 | 000,002,190 | -H-- | M] () -- C:\Users\Mark de Jager\Documents\Default.rdp
[2013-04-27 18:26:31 | 000,001,105 | ---- | M] () -- C:\Users\Mark de Jager\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013-04-27 16:06:38 | 004,874,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-04-14 10:53:17 | 001,808,720 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-04-14 10:53:17 | 000,802,560 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013-04-14 10:53:17 | 000,715,832 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-04-14 10:53:17 | 000,161,432 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013-04-14 10:53:17 | 000,134,668 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-04-14 10:29:21 | 000,000,024 | ---- | M] () -- C:\Users\Mark de Jager\random.dat
[2013-04-14 10:28:59 | 000,000,052 | ---- | M] () -- C:\Users\Mark de Jager\jagex_cl_runescape_LIVE.dat
[2013-04-13 21:47:26 | 000,001,163 | ---- | M] () -- C:\Users\Mark de Jager\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Turbo Booster.lnk
[2013-04-13 19:35:47 | 000,000,271 | RH-- | M] () -- C:\Windows\Stop.cmd
[2013-04-10 13:32:59 | 000,000,024 | ---- | M] () -- C:\Users\Mark de Jager\jagexappletviewer.preferences
[2013-04-06 18:08:22 | 000,005,632 | ---- | M] () -- C:\Users\Mark de Jager\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2013-05-01 16:17:34 | 000,000,000 | ---- | C] () -- C:\Windows\diskpt.dat
[2013-05-01 16:13:42 | 000,001,042 | ---- | C] () -- C:\Users\Mark de Jager\Application Data\Microsoft\Internet Explorer\Quick Launch\Shadow Defender.lnk
[2013-05-01 16:13:42 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\Shadow Defender.lnk
[2013-05-01 16:13:42 | 000,000,064 | ---- | C] () -- C:\Windows\diskpt.crt
[2013-05-01 11:17:36 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013-04-28 17:32:10 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-04-28 17:32:10 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-04-28 16:01:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013-04-27 20:39:32 | 000,000,929 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealPopup.lnk
[2013-04-27 19:43:53 | 000,002,304 | ---- | C] () -- C:\Users\Mark de Jager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013-04-27 16:21:11 | 000,001,105 | ---- | C] () -- C:\Users\Mark de Jager\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013-04-17 11:45:52 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2013-04-13 21:47:26 | 000,001,163 | ---- | C] () -- C:\Users\Mark de Jager\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Turbo Booster.lnk
[2013-04-13 20:32:35 | 004,874,416 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-04-13 19:34:23 | 000,001,062 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013-04-13 19:32:55 | 000,000,271 | RH-- | C] () -- C:\Windows\Stop.cmd
[2013-04-13 16:10:00 | 000,002,190 | -H-- | C] () -- C:\Users\Mark de Jager\Documents\Default.rdp
[2013-04-12 19:58:00 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2013-04-10 20:12:49 | 000,001,494 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2013-04-10 14:25:02 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013-04-03 14:51:51 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013-03-23 15:12:54 | 000,000,054 | ---- | C] () -- C:\Users\Mark de Jager\jagex_cl_speccollect_LIVE.dat
[2013-03-19 21:10:59 | 000,230,206 | ---- | C] () -- C:\ProgramData\1363720194.bdinstall.bin
[2013-03-19 20:49:39 | 000,579,637 | ---- | C] () -- C:\ProgramData\1363718718.bdinstall.bin
[2013-03-18 14:12:08 | 000,000,038 | ---- | C] () -- C:\Program Files (x86)\cfg.ini
[2013-03-18 14:10:48 | 001,645,496 | ---- | C] () -- C:\Windows\ampa.exe
[2013-03-18 14:10:48 | 000,012,728 | ---- | C] () -- C:\Windows\SysWow64\ampa.sys
[2013-03-18 14:10:42 | 000,012,728 | ---- | C] () -- C:\Windows\SysWow64\ddmdrv.sys
[2013-03-18 14:10:41 | 001,293,240 | ---- | C] () -- C:\Windows\ddmmain.exe
[2013-03-17 12:49:46 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013-03-12 15:41:44 | 000,000,416 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013-03-09 12:18:07 | 000,005,632 | ---- | C] () -- C:\Users\Mark de Jager\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-02 17:07:06 | 000,000,104 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013-02-28 10:04:32 | 000,000,053 | ---- | C] () -- C:\Users\Mark de Jager\jagex_cl_runescape_LIVE1.dat
[2013-02-26 15:43:40 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2013-02-25 17:16:37 | 000,000,052 | ---- | C] () -- C:\Users\Mark de Jager\jagex_cl_oldschool_LIVE.dat
[2013-02-22 19:41:39 | 000,000,054 | ---- | C] () -- C:\Users\Mark de Jager\jagex_cl_loginapplet_LIVE.dat
[2013-02-11 13:17:40 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2013-02-11 13:17:40 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2013-02-11 13:17:40 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2013-02-11 13:17:40 | 000,014,920 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2013-02-11 13:17:40 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2013-02-08 19:49:28 | 000,004,096 | -H-- | C] () -- C:\Users\Mark de Jager\AppData\Local\keyfile3.drm
[2013-02-07 16:19:56 | 000,211,665 | ---- | C] () -- C:\ProgramData\1360246678.bdinstall.bin
[2013-02-07 16:09:23 | 000,371,893 | ---- | C] () -- C:\ProgramData\1360245933.bdinstall.bin
[2013-02-07 10:17:14 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013-02-06 13:02:47 | 001,821,998 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-02-05 09:12:38 | 000,088,362 | ---- | C] () -- C:\Users\Mark de Jager\AppData\Roaming\spritesa
[2013-02-04 13:30:59 | 000,000,052 | ---- | C] () -- C:\Users\Mark de Jager\jagex_cl_runescape_LIVE.dat
[2013-02-04 13:30:59 | 000,000,024 | ---- | C] () -- C:\Users\Mark de Jager\random.dat
[2013-02-04 13:30:55 | 000,000,024 | ---- | C] () -- C:\Users\Mark de Jager\jagexappletviewer.preferences
[2013-02-04 11:27:40 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012-12-14 03:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012-12-14 03:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-12-14 03:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012-07-26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012-07-26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012-07-26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012-07-26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012-07-25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012-07-25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012-06-02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013-04-01 16:18:47 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-03-02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-03-02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-03-14 17:57:53 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\1-abc
[2013-02-08 12:51:39 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Acronis
[2013-02-05 18:30:56 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\ActiveX
[2013-04-27 20:30:18 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Atari
[2013-03-19 10:53:58 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\CaptureSaver
[2013-03-03 11:47:03 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-04-16 08:58:23 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Enplase
[2013-02-06 15:31:33 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\ESET
[2013-04-14 10:43:37 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\FileZilla
[2013-02-27 16:30:18 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Firetrust
[2013-03-21 20:08:14 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Genie9
[2013-04-13 19:38:35 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\GoforFiles
[2013-04-27 20:14:21 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\HTML Executable
[2013-03-09 11:47:50 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\idoo
[2013-04-20 17:29:01 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\IObit
[2013-02-25 11:44:33 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Lamantine
[2013-02-11 17:57:06 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Notepad++
[2013-03-02 17:07:40 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Photobucket
[2013-04-11 16:12:10 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\PicaJet.Com
[2013-02-05 20:03:24 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\PowerISO
[2013-03-13 15:53:24 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Publish Providers
[2013-04-14 09:51:03 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\QFX Software
[2013-02-07 16:06:02 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\QuickScan
[2013-02-05 20:16:55 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Returnil
[2013-02-05 18:30:09 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Soft4Boost
[2013-03-09 12:18:07 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Solveig Multimedia
[2013-03-10 17:02:18 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Sony
[2013-03-02 20:14:07 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\TeamViewer
[2013-03-01 13:17:48 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\TechSmith
[2013-03-05 15:11:58 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\TrueCrypt
[2013-02-09 17:01:16 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\Unity
[2013-05-01 16:21:10 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\uTorrent
[2013-04-13 21:47:25 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\uTorrent Turbo Booster
[2013-04-13 21:20:38 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\WNR
[2013-02-13 11:42:54 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\X-Chat 2
[2013-03-03 13:11:32 | 000,000,000 | ---D | M] -- C:\Users\Mark de Jager\AppData\Roaming\XUSSoft

========== Purity Check ==========



< End of report >
  • 0

#33
Essexboy
Posted 01 May 2013 - 10:33 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer now ?
  • 0

#34
Samballen
Posted 01 May 2013 - 10:36 AM

Samballen

    Member

  • Topic Starter
  • Banned
  • PipPip
  • 76 posts
Fine. Can I do something else?
  • 0

#35
Essexboy
Posted 01 May 2013 - 10:40 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not really, if you are happy I will tidy up
  • 0

#36
Samballen
Posted 01 May 2013 - 10:50 AM

Samballen

    Member

  • Topic Starter
  • Banned
  • PipPip
  • 76 posts
Can you help me delete some programms?
  • 0

#37
Essexboy
Posted 01 May 2013 - 11:12 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Which ones do you wish to remove ?
  • 0

#38
Samballen
Posted 01 May 2013 - 11:17 AM

Samballen

    Member

  • Topic Starter
  • Banned
  • PipPip
  • 76 posts

Which ones do you wish to remove ?

I don't know what I can remove.. Can I make a list of something?
  • 0

#39
Essexboy
Posted 01 May 2013 - 11:21 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
This is a list of installed programmes, I would recommend that you use Revo uninstaller to uninstall the ones in red

"1-abc.net File Encrypter" = 1-abc.net File Encrypter (Remove only)
"ACPsoft PDF Converter" = ACPsoft PDF Converter
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"AOMEI Dynamic Disk Manager Pro Edition_is1" = AOMEI Dynamic Disk Manager Pro Edition
"BlueStacks App Player" = BlueStacks App Player
"CaptureSaver_is1" = CaptureSaver V4.2.5
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Easy Drive Data Recovery" = Easy Drive Data Recovery
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.6.0.2
"Genie Timeline" = Genie Timeline
"Google Chrome" = Google Chrome
"HyperCam 3" = HyperCam 3
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}" = CyberLink PowerDirector 11
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Keyboard LEDs" = Keyboard LEDs
"KeyScrambler" = KeyScrambler
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.75.0.1300
"Messenger Plus!" = Messenger Plus!
"Messenger Plus! for Skype" = Messenger Plus! for Skype
"mIRC" = mIRC
"Mozilla Firefox 21.0 (x86 nl)" = Mozilla Firefox 21.0 (x86 nl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MW3v1.4.382" = MW3
"Notepad++" = Notepad++
"Online Games Manager" = Online Games Manager v1.20
"PDF Logo Remover_is1" = PDF Logo Remover 1.0
"PowerISO" = PowerISO
"PremiumSoft Navicat Premium_is1" = PremiumSoft Navicat Premium 9.1
"RealPopup_is1" = RealPopup
"Revo Uninstaller" = Revo Uninstaller 1.94
"RoboImport_is1" = RoboImport 1.2.0.72
"SoftOrbits Photo Retoucher_is1" = SoftOrbits Photo Retoucher 1.3
"Sticky Password_is1" = Sticky Password 6.0.8.437
"TeamViewer 8" = TeamViewer 8
"TrueCrypt" = TrueCrypt
"TSR Watermark Image_is1" = TSR Watermark Image software version 2.3.4.1
"UBCD4Win_is1" = UBCD4Win 3.60
"Ultima Steganography_is1" = Ultima Steganography 1.7
"uTorrent" = µTorrent
"uTorrent Turbo Booster" = uTorrent Turbo Booster
"VMware_Workstation" = VMware Workstation
"WinLiveSuite_Wave3" = Windows Live Essentials
"xampp" = XAMPP 1.8.1
"XUS PC Lock Professional Edition(x32 & x64)_is1" = XUS PC Lock Professional Edition 4.1.68
"Your Software Deals_is1" = Your Software Deals 1.0.0
  • 0

#40
Samballen
Posted 01 May 2013 - 11:27 AM

Samballen

    Member

  • Topic Starter
  • Banned
  • PipPip
  • 76 posts
What about "WinLiveSuite_Wave3" = Windows Live Essentials
  • 0

Advertisements

#41
Essexboy
Posted 01 May 2013 - 11:29 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That de[pends on whether you use any live products on the system, and some are unique to windows 8
  • 0

#42
Samballen
Posted 01 May 2013 - 12:01 PM

Samballen

    Member

  • Topic Starter
  • Banned
  • PipPip
  • 76 posts
What you mean?
  • 0

#43
Essexboy
Posted 01 May 2013 - 12:42 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I will need to check on my 8 system but I believe the wave element is an indication that it is the latest live release
  • 0

#44
Samballen
Posted 01 May 2013 - 12:54 PM

Samballen

    Member

  • Topic Starter
  • Banned
  • PipPip
  • 76 posts
If you can do that pleas, btw thanks for that program!
  • 0

#45
Essexboy
Posted 01 May 2013 - 01:33 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I have just found out that the wave-3 is a ghost entry and there is actually no related programme for that so uninstall it via Revo uninstaller

Most of the other programmes do have some function that you may need, so only uninstall the ones you do not think you will need
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP